public void Test_Runner_Jmp_5b()
{
string programStr =
" mov rax, 0 " + Environment.NewLine +
" cmp rax, 0 " + Environment.NewLine +
" jz label1 " + Environment.NewLine +
" mov rax, 10 " + Environment.NewLine +
" jmp label2 " + Environment.NewLine +
"label1: " + Environment.NewLine +
" mov rax, 20 " + Environment.NewLine +
"label2: ";
Tools tools = CreateTools();
var sFlow = new StaticFlow(tools);
sFlow.Update(programStr);
tools.StateConfig = sFlow.Create_StateConfig();
//var dFlow = Runner.Construct_DynamicFlow_Backward(sFlow, tools);
var dFlow = Runner.Construct_DynamicFlow_Forward(sFlow, tools);
State state0 = dFlow.Create_States_Before(0, 0);
Assert.IsNotNull(state0);
State state = dFlow.EndState;
Assert.IsNotNull(state);
if (logToDisplay)
{
Console.WriteLine("state:\n" + state);
}
TestTools.IsTrue(state.IsConsistent);
TestTools.AreEqual(Rn.RAX, 10, state);
}
public void Test_Runner_Jmp_4()
{
string programStr =
" jz label1 " + Environment.NewLine +
" mov rax, 10 " + Environment.NewLine +
" jmp label2 " + Environment.NewLine +
"label1: " + Environment.NewLine +
" mov rax, 10 " + Environment.NewLine +
"label2: " + Environment.NewLine +
" mov rax, 20 ";
Tools tools = CreateTools();
var sFlow = new StaticFlow(tools);
sFlow.Update(programStr);
tools.StateConfig = sFlow.Create_StateConfig();
//var dFlow = Runner.Construct_DynamicFlow_Backward(sFlow, tools);
var dFlow = Runner.Construct_DynamicFlow_Forward(sFlow, tools);
//if (logToDisplay) Console.WriteLine(dFlow.ToString(sFlow));
State state = dFlow.EndState;
//if (logToDisplay) Console.WriteLine(state);
TestTools.IsTrue(state.IsConsistent);
TestTools.AreEqual(Rn.RAX, 20, state);
}
public void Test_Runner_Jmp_5()
{
string programStr =
" jz label1 " + Environment.NewLine +
" mov rax, 10 " + Environment.NewLine +
" jmp label2 " + Environment.NewLine +
"label1: " + Environment.NewLine +
" mov rax, 20 " + Environment.NewLine +
"label2: ";
Tools tools = CreateTools();
var sFlow = new StaticFlow(tools);
sFlow.Update(programStr);
tools.StateConfig = sFlow.Create_StateConfig();
//var dFlow = Runner.Construct_DynamicFlow_Backward(sFlow, tools);
var dFlow = Runner.Construct_DynamicFlow_Forward(sFlow, tools);
bool logToDisplay2 = true;
tools.Quiet = true;// !logToDisplay2;
State state = dFlow.EndState;
Assert.IsNotNull(state);
if (logToDisplay2)
{
Console.WriteLine("state:\n" + state);
}
TestTools.IsTrue(state.IsConsistent);
TestTools.AreEqual(Rn.RAX, "00000000_00000000_00000000_00000000_00000000_00000000_00000000_000????0", state);
var branch_Condition = dFlow.Get_Branch_Condition(0);
if (logToDisplay2)
{
Console.WriteLine("Branch Condition:" + branch_Condition);
}
{
State state2a = new State(state);
state2a.Add(new BranchInfo(branch_Condition, true));
if (logToDisplay2)
{
Console.WriteLine("state with ZF = true:\n" + state2a);
}
TestTools.IsTrue(state2a.IsConsistent);
TestTools.AreEqual(Rn.RAX, 10, state2a); // TODO why is 10 / 20 reversed?
}
{
State state2b = new State(state);
state2b.Add(new BranchInfo(branch_Condition, false));
if (logToDisplay2)
{
Console.WriteLine("state with ZF = false:\n" + state2b);
}
TestTools.IsTrue(state2b.IsConsistent);
TestTools.AreEqual(Rn.RAX, 20, state2b);
}
}
public void Test_Runner_Jmp_2()
{
string programStr =
" cmp rax, 0 " + Environment.NewLine +
" je label1 " + Environment.NewLine +
" mov rbx, 10 " + Environment.NewLine +
"label1: " + Environment.NewLine +
" mov rbx, 10 " + Environment.NewLine +
"label2: ";
Tools tools = CreateTools();
var sFlow = new StaticFlow(tools);
sFlow.Update(programStr);
tools.StateConfig = sFlow.Create_StateConfig();
var dFlow = Runner.Construct_DynamicFlow_Backward(sFlow, tools);
State state = dFlow.EndState;
if (logToDisplay)
{
Console.WriteLine(state);
}
TestTools.IsTrue(state.IsConsistent);
TestTools.AreEqual(Rn.RBX, 10, state);
}
public void Test_Runner_Jmp_1()
{
string programStr =
" cmp rax, 0 " + Environment.NewLine +
" jz label1 " + Environment.NewLine +
" mov rax, 0 " + Environment.NewLine +
"label1: ";
Tools tools = this.CreateTools();
StaticFlow sFlow = new StaticFlow(tools);
sFlow.Update(programStr);
tools.StateConfig = sFlow.Create_StateConfig();
DynamicFlow dFlow = Runner.Construct_DynamicFlow_Backward(sFlow, tools);
State state = dFlow.EndState;
//if (logToDisplay) Console.WriteLine("DynamicFlow:\n" + dFlow.ToString(staticFlow));
if (logToDisplay)
{
Console.WriteLine(state);
}
TestTools.IsTrue(state.IsConsistent);
TestTools.AreEqual(Rn.RAX, 0, state);
}
public void Test_Runner_Jmp_7()
{
string programStr =
" jz label1 " + Environment.NewLine +
" mov rax, 10 " + Environment.NewLine +
" jmp label2 " + Environment.NewLine +
"label1: " + Environment.NewLine +
" mov rax, 20 " + Environment.NewLine +
"label2: " + Environment.NewLine +
" mov rbx, rax " + Environment.NewLine +
" jz label3 " + Environment.NewLine +
"label3: ";
Tools tools = this.CreateTools();
StaticFlow sFlow = new StaticFlow(tools);
sFlow.Update(programStr);
tools.StateConfig = sFlow.Create_StateConfig();
//var dFlow = Runner.Construct_DynamicFlow_Backward(sFlow, tools);
DynamicFlow dFlow = Runner.Construct_DynamicFlow_Forward(sFlow, tools);
//DotVisualizer.SaveToDot(sFlow, dFlow, "test1.dot");
State state = dFlow.EndState;
Assert.IsNotNull(state);
if (logToDisplay)
{
Console.WriteLine("state:\n" + state);
}
TestTools.IsTrue(state.IsConsistent);
TestTools.AreEqual(Rn.RAX, "00000000_00000000_00000000_00000000_00000000_00000000_00000000_000????0", state);
Microsoft.Z3.BoolExpr branch_Condition = dFlow.Get_Branch_Condition(0);
{
State state2a = new State(state);
state2a.Add(new BranchInfo(branch_Condition, true));
if (logToDisplay)
{
Console.WriteLine("state with ZF = true:\n" + state2a);
}
TestTools.IsTrue(state2a.IsConsistent);
TestTools.AreEqual(Rn.RAX, 10, state2a);
}
{
State state2b = new State(state);
state2b.Add(new BranchInfo(branch_Condition, false));
if (logToDisplay)
{
Console.WriteLine("state with ZF = false:\n" + state2b);
}
TestTools.IsTrue(state2b.IsConsistent);
TestTools.AreEqual(Rn.RAX, 20, state2b);
}
}
public void Test_Runner_Jmp_6()
{
string programStr =
" jz label1 " + Environment.NewLine +
"label1: ";
Tools tools = CreateTools();
var sFlow = new StaticFlow(tools);
sFlow.Update(programStr);
tools.StateConfig = sFlow.Create_StateConfig();
var dFlow = Runner.Construct_DynamicFlow_Backward(sFlow, tools);
State state = dFlow.EndState;
Assert.IsNotNull(state);
//DotVisualizer.SaveToDot(sFlow, dFlow, "test1.dot");
if (logToDisplay)
{
Console.WriteLine("state:\n" + state);
}
TestTools.IsTrue(state.IsConsistent);
var branch_Condition = dFlow.Get_Branch_Condition(0);
{
State state2a = new State(state);
state2a.Add(new BranchInfo(branch_Condition, true));
if (logToDisplay)
{
Console.WriteLine("state with ZF = true:\n" + state2a);
}
TestTools.AreEqual(Tv.ONE, state2a.IsConsistent);
}
{
State state2b = new State(state);
state2b.Add(new BranchInfo(branch_Condition, false));
if (logToDisplay)
{
Console.WriteLine("state with ZF = false:\n" + state2b);
}
TestTools.AreEqual(Tv.ONE, state2b.IsConsistent);
}
}
public void Test_Runner_Jmp_11()
{
string programStr =
" cmp al, 0 " + Environment.NewLine +
" jp label1 " + Environment.NewLine +
" mov al, 1 " + Environment.NewLine +
" jz label1 " + Environment.NewLine +
" mov al, 2 " + Environment.NewLine +
"label1: ";
Tools tools = CreateTools();
var sFlow = new StaticFlow(tools);
sFlow.Update(programStr);
if (logToDisplay)
{
Console.WriteLine(sFlow.ToString());
}
tools.StateConfig = sFlow.Create_StateConfig();
var dFlow = Runner.Construct_DynamicFlow_Backward(sFlow, tools);
State state = dFlow.EndState;
Assert.IsNotNull(state);
if (logToDisplay)
{
Console.WriteLine("state:\n" + state);
}
TestTools.IsTrue(state.IsConsistent);
var branch_Condition_jp = dFlow.Get_Branch_Condition(1);
var branch_Condition_jz = dFlow.Get_Branch_Condition(3);
if (true)
{
if (true)
{
State state2 = new State(state);
state2.Add(new BranchInfo(branch_Condition_jp, true));
state2.Add(new BranchInfo(branch_Condition_jz, true));
TestTools.AreEqual(Rn.AL, "00000000", state2);
}
if (true)
{
State state2 = new State(state);
state2.Add(new BranchInfo(branch_Condition_jp, true));
state2.Add(new BranchInfo(branch_Condition_jz, false));
TestTools.AreEqual(Rn.AL, "????????", state2);
}
if (true)
{
State state2 = new State(state);
state2.Add(new BranchInfo(branch_Condition_jp, false));
state2.Add(new BranchInfo(branch_Condition_jz, true));
TestTools.AreEqual(Rn.AL, "XXXXXXXX", state2);
}
if (true)
{
State state2 = new State(state);
state2.Add(new BranchInfo(branch_Condition_jp, false));
state2.Add(new BranchInfo(branch_Condition_jz, false));
TestTools.AreEqual(Rn.AL, "00000010", state2);
}
}
}
public void Test_Runner_Jmp_10()
{
string programStr =
" cmp rax, 0 " + Environment.NewLine +
" jz label1 " + Environment.NewLine +
" mov rax, 1 " + Environment.NewLine +
" jz label1 " + Environment.NewLine +
" mov rax, 2 " + Environment.NewLine +
"label1: ";
Tools tools = this.CreateTools();
StaticFlow sFlow = new StaticFlow(tools);
sFlow.Update(programStr);
if (logToDisplay)
{
Console.WriteLine(sFlow.ToString());
}
tools.StateConfig = sFlow.Create_StateConfig();
DynamicFlow dFlow = Runner.Construct_DynamicFlow_Backward(sFlow, tools);
State state = dFlow.EndState;
Assert.IsNotNull(state);
if (logToDisplay)
{
Console.WriteLine("state:\n" + state);
}
TestTools.IsTrue(state.IsConsistent);
Microsoft.Z3.BoolExpr branch_Condition_jz1 = dFlow.Get_Branch_Condition(1);
Microsoft.Z3.BoolExpr branch_Condition_jz2 = dFlow.Get_Branch_Condition(3);
if (true)
{
if (true)
{
State state2 = new State(state);
state2.Add(new BranchInfo(branch_Condition_jz1, true));
state2.Add(new BranchInfo(branch_Condition_jz2, true));
TestTools.AreEqual(Rn.RAX, "00000000_00000000_00000000_00000000_00000000_00000000_00000000_00000000", state2);
}
if (true)
{
State state2 = new State(state);
state2.Add(new BranchInfo(branch_Condition_jz1, true));
state2.Add(new BranchInfo(branch_Condition_jz2, false));
TestTools.AreEqual(Rn.RAX, "XXXXXXXX_XXXXXXXX_XXXXXXXX_XXXXXXXX_XXXXXXXX_XXXXXXXX_XXXXXXXX_XXXXXXXX", state2);
}
if (true)
{
State state2 = new State(state);
state2.Add(new BranchInfo(branch_Condition_jz1, false));
state2.Add(new BranchInfo(branch_Condition_jz2, true));
TestTools.AreEqual(Rn.RAX, "XXXXXXXX_XXXXXXXX_XXXXXXXX_XXXXXXXX_XXXXXXXX_XXXXXXXX_XXXXXXXX_XXXXXXXX", state2);
}
if (true)
{
State state2 = new State(state);
state2.Add(new BranchInfo(branch_Condition_jz1, false));
state2.Add(new BranchInfo(branch_Condition_jz2, false));
TestTools.AreEqual(Rn.RAX, "00000000_00000000_00000000_00000000_00000000_00000000_00000000_00000010", state2);
}
}
}
public void Test_Runner_Jmp_8()
{
string programStr =
" jz label1 " + Environment.NewLine +
" mov rax, 1 " + Environment.NewLine +
" jc label1 " + Environment.NewLine +
" mov rbx, 2 " + Environment.NewLine +
"label1: " + Environment.NewLine +
" mov rcx, 3 ";
Tools tools = this.CreateTools();
var sFlow = new StaticFlow(tools);
sFlow.Update(programStr);
if (logToDisplay)
{
Console.WriteLine(sFlow.ToString());
}
tools.StateConfig = sFlow.Create_StateConfig();
var dFlow = Runner.Construct_DynamicFlow_Backward(sFlow, tools);
State state = dFlow.EndState;
Assert.IsNotNull(state);
if (logToDisplay)
{
Console.WriteLine("state:\n" + state);
}
TestTools.IsTrue(state.IsConsistent);
var branch_Condition_jz = dFlow.Get_Branch_Condition(0);
var branch_Condition_jc = dFlow.Get_Branch_Condition(2);
if (true)
{
if (true)
{
State state2 = new State(state);
state2.Add(new BranchInfo(branch_Condition_jz, true));
TestTools.AreEqual(Rn.RAX, "????????_????????_????????_????????_????????_????????_????????_????????", state2);
TestTools.AreEqual(Rn.RBX, "????????_????????_????????_????????_????????_????????_????????_????????", state2);
TestTools.AreEqual(Rn.RCX, "00000000_00000000_00000000_00000000_00000000_00000000_00000000_00000011", state2);
}
if (true)
{
State state2 = new State(state);
state2.Add(new BranchInfo(branch_Condition_jz, false));
TestTools.AreEqual(Rn.RAX, "00000000_00000000_00000000_00000000_00000000_00000000_00000000_00000001", state2);
TestTools.AreEqual(Rn.RBX, "????????_????????_????????_????????_????????_????????_????????_????????", state2);
TestTools.AreEqual(Rn.RCX, "00000000_00000000_00000000_00000000_00000000_00000000_00000000_00000011", state2);
}
}
if (true)
{
if (true)
{
State state2 = new State(state);
state2.Add(new BranchInfo(branch_Condition_jc, true));
TestTools.AreEqual(Rn.RAX, "????????_????????_????????_????????_????????_????????_????????_????????", state2);
TestTools.AreEqual(Rn.RBX, "????????_????????_????????_????????_????????_????????_????????_????????", state2);
TestTools.AreEqual(Rn.RCX, "00000000_00000000_00000000_00000000_00000000_00000000_00000000_00000011", state2);
}
if (true)
{
State state2 = new State(state);
state2.Add(new BranchInfo(branch_Condition_jc, false));
TestTools.AreEqual(Rn.RAX, "????????_????????_????????_????????_????????_????????_????????_????????", state2);
TestTools.AreEqual(Rn.RBX, "????????_????????_????????_????????_????????_????????_????????_????????", state2);
TestTools.AreEqual(Rn.RCX, "00000000_00000000_00000000_00000000_00000000_00000000_00000000_00000011", state2);
}
}
if (true)
{
if (true)
{
State state2 = new State(state);
state2.Add(new BranchInfo(branch_Condition_jz, true));
state2.Add(new BranchInfo(branch_Condition_jc, true));
TestTools.AreEqual(Rn.RAX, "????????_????????_????????_????????_????????_????????_????????_????????", state2);
TestTools.AreEqual(Rn.RBX, "????????_????????_????????_????????_????????_????????_????????_????????", state2);
TestTools.AreEqual(Rn.RCX, "00000000_00000000_00000000_00000000_00000000_00000000_00000000_00000011", state2);
}
if (true)
{
State state2 = new State(state);
state2.Add(new BranchInfo(branch_Condition_jz, true));
state2.Add(new BranchInfo(branch_Condition_jc, false));
TestTools.AreEqual(Rn.RAX, "????????_????????_????????_????????_????????_????????_????????_????????", state2);
TestTools.AreEqual(Rn.RBX, "????????_????????_????????_????????_????????_????????_????????_????????", state2);
TestTools.AreEqual(Rn.RCX, "00000000_00000000_00000000_00000000_00000000_00000000_00000000_00000011", state2);
}
if (true)
{
State state2 = new State(state);
state2.Add(new BranchInfo(branch_Condition_jz, false));
state2.Add(new BranchInfo(branch_Condition_jc, true));
TestTools.AreEqual(Rn.RAX, "00000000_00000000_00000000_00000000_00000000_00000000_00000000_00000001", state2);
TestTools.AreEqual(Rn.RBX, "????????_????????_????????_????????_????????_????????_????????_????????", state2);
TestTools.AreEqual(Rn.RCX, "00000000_00000000_00000000_00000000_00000000_00000000_00000000_00000011", state2);
}
if (true)
{
State state2 = new State(state);
state2.Add(new BranchInfo(branch_Condition_jz, false));
state2.Add(new BranchInfo(branch_Condition_jc, false));
TestTools.AreEqual(Rn.RAX, "00000000_00000000_00000000_00000000_00000000_00000000_00000000_00000001", state2);
TestTools.AreEqual(Rn.RBX, "00000000_00000000_00000000_00000000_00000000_00000000_00000000_00000010", state2);
TestTools.AreEqual(Rn.RCX, "00000000_00000000_00000000_00000000_00000000_00000000_00000000_00000011", state2);
}
}
}
